The options parameter is a hash of options, taken from the
list :force, :noop, :preserve, and
:verbose. :noop means that no changes are made.
The other two are obvious. Each method documents the options that it
honours.

All methods that have the concept of a “source” file or directory can take
either one file or a list of files in that argument. See the method
documentation for examples.

Changes owner and group on the named files (in list) to the
user user and the group group. user
and group may be an ID (Integer/String) or a name (String). If
user or group is nil, this method does not change
the attribute.

Changes owner and group on the named files (in list) to the
user user and the group group recursively.
user and group may be an ID (Integer/String) or a
name (String). If user or group is nil, this
method does not change the attribute.

Copies a file system entry src to dest. If
src is a directory, this method copies its contents
recursively. This method preserves file types, c.f. symlink, directory…
(FIFO, device files and etc. are not supported yet)

Both of src and dest must be a path name.
src must exist, dest must not exist.

If preserve is true, this method preserves owner, group,
permissions and modified time.

If dereference_root is true, this method dereference tree
root.

If remove_destination is true, this method removes each
destination file before copy.

Creates a hard link new which points to old. If
new already exists and it is a directory, creates a link
new/old. If new already exists and it is not a
directory, raises Errno::EEXIST. But if :force option is set, overwrite
new.

Creates a symbolic link new which points to old.
If new already exists and it is a directory, creates a
symbolic link new/old. If new already exists and
it is not a directory, raises Errno::EEXIST. But if :force option is set,
overwrite new.

This method removes a file system entry path.
path shall be a regular file, a directory, or something. If
path is a directory, remove it recursively. This method is
required to avoid TOCTTOU (time-of-check-to-time-of-use) local security
vulnerability of rm_r. rm_r causes security hole when:

* Parent directory is world writable (including /tmp).
* Removing directory tree includes world writable directory.
* The system has symbolic link.

To avoid this security hole, this method applies special preprocess. If
path is a directory, this method chown(2) and chmod(2) all
removing directories. This requires the current process is the owner of
the removing whole directory tree, or is the super user (root).

WARNING: You must ensure that ALL parent directories
cannot be moved by other untrusted users. For example, parent directories
should not be owned by untrusted users, and should not be world writable
except when the sticky bit set.

WARNING: Only the owner of the removing directory tree, or Unix super user
(root) should invoke this method. Otherwise this method does not work.

WARNING: This method causes local vulnerability if one of parent
directories or removing directory tree are world writable (including /tmp,
whose permission is 1777), and the current process has strong privilege
such as Unix super user (root), and the system has symbolic link. For
secure removing, read the documentation of remove_entry_secure carefully,
and set :secure option to true. Default is :secure=>false.

NOTE: This method calls remove_entry_secure if :secure option is set. See
also remove_entry_secure.